Why cyber security remains a human discipline

2 March 2026 - Rennie Naidoo

Artificial intelligence is reshaping cyber security, but what it leaves behind may matter more than what it automates.

In the early years of digitisation, cyber security was a backroom concern: firewalls, antivirus software and the occasional audit. It was a technical domain, managed by specialists and monitored through logs that few executives could decipher. But today, the terrain has shifted.

As South Africa’s economy grows more digital, cyber security has evolved from an IT function to an existential concern. It now sits uneasily at the intersection of risk, regulation, reputation and trust. Yet, in this new terrain, one question remains unresolved: what does it really mean to be prepared?

Most organisations answer this through maturity models, risk registers and capability frameworks. These instruments promise measurement, structure, even a kind of strategic comfort. But in an age of permanent compromise, they may also offer something more dangerous: the illusion of control.

Maturity models have gained traction for good reason. They reject binary thinking and instead map security along a continuum, from reactive firefighting to proactive governance. When done well, they encourage capability-building across organisational cultures, processes and technologies. Read more.

This is an extract of an article first published on ITWeb.